Conventions
By convention, any interceptor CFC must create a method with the same name as the event they want to listen to. This method has a return type of boolean and receives 5 arguments. So let's explore their rules.
1
boolean function {point}( event, data, buffer, rc, prc );
Copied!

Arguments

  • event which is the request context object
  • data which is a structure of data that the broadcaster sends
  • buffer which is a request buffer object you can use to elegantly produce content that is outputted to the user's screen
  • rc reference to the request collection struct
  • prc reference to the private request collection struct

Return type

The intercepting method returns boolean or void. If boolean then it means something:
  • True means break the chain of execution, so no other interceptors in the chain will fire.
  • False or void continue execution
1
component extends="coldbox.system.Interceptor"{
2
3
function configure(){}
4
5
boolean function afterConfigurationLoad(event,data,buffer){
6
if( getProperty('interceptorCompleted') eq false){
7
parseAndSet();
8
setProperty('interceptorCompleted',true);
9
}
10
11
return false;
12
}
13
}
Copied!
Also remember that all interceptors are created by WireBox, so you can use dependency injection, configuration binder's, and even AOP on interceptor objects. Here is a more complex sample:
HTTP Security Example:
1
/**
2
* Intercepts with HTTP Basic Authentication
3
*/
4
component {
5
6
// Security Service
7
property name="securityService" inject="id:SecurityService";
8
9
void function configure(){
10
if( !propertyExists("enabled") ){
11
setProperty("enabled", true );
12
}
13
}
14
15
void function preProcess(event,struct data, buffer){
16
17
// verify turned on
18
if( !getProperty("enabled") ){ return; }
19
20
// Verify Incoming Headers to see if we are authorizing already or we are already Authorized
21
if( !securityService.isLoggedIn() OR len( event.getHTTPHeader("Authorization","") ) ){
22
23
// Verify incoming authorization
24
var credentials = event.getHTTPBasicCredentials();
25
if( securityService.authorize(credentials.username, credentials.password) ){
26
// we are secured woot woot!
27
return;
28
};
29
30
// Not secure!
31
event.setHTTPHeader(name="WWW-Authenticate",value="basic realm=""Please enter your username and password for our Cool App!""");
32
33
// secured content data and skip event execution
34
event.renderData(data="<h1>Unathorized Access<p>Content Requires Authentication</p>",statusCode="401",statusText="Unauthorized")
35
.noExecution();
36
}
37
38
}
39
40
}
Copied!
Last modified 1yr ago
Copy link
Edit on GitHub